{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-08-15T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple CRLF injection vulnerabilities in the HTTP server in IBM Lotus Domino 8.5.x before 8.5.4 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input involving (1) Mozilla Firefox 3.0.9 and earlier or (2) unspecified browsers."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "shortName": "ibm"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21608160"}, {"name": "lotus-domino-response-splitting(77400)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77400"}, {"tags": ["x_refsource_MISC"], "url": "http://websecurity.com.ua/5839/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "psirt@us.ibm.com", "ID": "CVE-2012-3301", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple CRLF injection vulnerabilities in the HTTP server in IBM Lotus Domino 8.5.x before 8.5.4 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input involving (1) Mozilla Firefox 3.0.9 and earlier or (2) unspecified browsers."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21608160", "refsource": "CONFIRM", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21608160"}, {"name": "lotus-domino-response-splitting(77400)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77400"}, {"name": "http://websecurity.com.ua/5839/", "refsource": "MISC", "url": "http://websecurity.com.ua/5839/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T19:57:50.501Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21608160"}, {"name": "lotus-domino-response-splitting(77400)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77400"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://websecurity.com.ua/5839/"}]}]}, "cveMetadata": {"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522", "assignerShortName": "ibm", "cveId": "CVE-2012-3301", "datePublished": "2012-08-21T10:00:00", "dateReserved": "2012-06-07T00:00:00", "dateUpdated": "2024-08-06T19:57:50.501Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0:*:*:*:*:*:*:*", "matchCriteriaId": "A1588F54-4E8B-43C3-85E5-A12C04B694CD", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.0.1:*:*:*:*:*:*:*", "matchCriteriaId": "B6DDD0E9-9084-4F0A-B3F1-8357CAD88A3E", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.1:*:*:*:*:*:*:*", "matchCriteriaId": "ECF00AEE-9A3A-46E3-8B0F-2131E3235431", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.2:*:*:*:*:*:*:*", "matchCriteriaId": "9861BE52-4945-4F36-B6EF-701DB789CA28", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.3:*:*:*:*:*:*:*", "matchCriteriaId": "0D6BFA82-5CA0-403F-98E6-342EF87AE366", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.4:*:*:*:*:*:*:*", "matchCriteriaId": "79CBA8AF-9C3D-4510-8D91-7C42931CD3FF", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.1.5:*:*:*:*:*:*:*", "matchCriteriaId": "6DB694E3-96E1-4283-8DE3-91E930F76A65", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "EDB2B497-83A2-41A4-9F0D-CD17080CC1DA", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.1:*:*:*:*:*:*:*", "matchCriteriaId": "91D7FA80-1FD9-48F3-934A-FC7B3BAD4FD6", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "E30C8593-884E-4F6B-B107-0B3276EB1102", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.3:*:*:*:*:*:*:*", "matchCriteriaId": "A5B5CCB4-BB4F-4677-A7AA-B7C20682A00D", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "2408220F-FBDB-419E-8F04-35BED47CE213", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "350ACC22-669F-4429-A525-36F56EF9678C", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.1:*:*:*:*:*:*:*", "matchCriteriaId": "3C068055-FB7A-4AFB-AF29-28238ECF126F", "vulnerable": true}, {"criteria": "cpe:2.3:a:ibm:lotus_domino:8.5.3.2:*:*:*:*:*:*:*", "matchCriteriaId": "1ACB4B2C-CCE1-4A0A-B962-B8C208869589", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Multiple CRLF injection vulnerabilities in the HTTP server in IBM Lotus Domino 8.5.x before 8.5.4 allow remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted input involving (1) Mozilla Firefox 3.0.9 and earlier or (2) unspecified browsers."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n CRLF en el servidor HTTP en IBM Lotus Domino v8.5.x anterior a v8.5.4 permite a atacantes remotos inyectar cabeceras HTTP arbitrarias y llevar a cabo ataques de divisi\u00f3n de respuesta que involucran (1)Mozilla Firefox v3.0.9 y anteriores o (2) otros navegadores no especificados."}], "id": "CVE-2012-3301", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2012-08-21T10:46:10.700", "references": [{"source": "psirt@us.ibm.com", "url": "http://websecurity.com.ua/5839/"}, {"source": "psirt@us.ibm.com", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21608160"}, {"source": "psirt@us.ibm.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77400"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://websecurity.com.ua/5839/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21608160"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/77400"}], "sourceIdentifier": "psirt@us.ibm.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-20"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}